package net.seehope.foodie.web.config;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * 自定义的用户数据获取，自定义的用户信息校验，自定义的密码加密逻辑
 * @author Administrator
 *
 */

@Component
public class UserDetailServiceConfiguration implements UserDetailsService{

	private static final Logger log = LoggerFactory.getLogger(UserDetailServiceConfiguration.class);
	
	@Autowired
	private PasswordEncoder passwordEncoder;
	
	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		
		log.info("登录用户名:" + username);
		
		//这里直接写死一个password，实际上需要查后台返回，与前端输入的进行校验
		/**
		 * 后台查出密码，以及对应的权限列表，根据查找出来的用户信息判断用户是否被锁定，删除，登录状态过期，密码过期
		 * 这里不一定要使用spring自带的user类，只需要实现userdetail接口的对象即可，可以使用自定义的，符合项目的自定义user对象，实现该接口逻辑
		 * 权限列表应该存在数据库中作为数据提取到security配置中 密码和权限列表，都要去读取
		 */
		String password = passwordEncoder.encode("123456");
		log.info(password);	
		//最后一个字段为权限列表
		User user = new User(username, password, true, true, true, true, AuthorityUtils.commaSeparatedStringToAuthorityList("admin"));
		return user;
	}
	

}
